GnuTLS is a free software implementation of the TLS and DTLS protocols, particularly popular in the areas of desktop and virtualization. Like other major libraries, GnuTLS is actively integrating Post-Quantum Cryptography (PQC) to ensure the future security of digital communication against the threat of quantum computing. Our journey began with prototyping using liboqs at the IETF hackathon, followed by transitioning to another implementation, leancrypto, for certification and performance reasons. Looking ahead, our current focus is to introduce a native PQC implementation via the Nettle cryptographic library, the default GnuTLS backend, motivated by a desire for consistent licensing across the ecosystem and the strategic advantage of increasing implementation diversity to mitigate single-source risks.
Implementing these complex lattice-based cryptographic primitives in C has presented several technical challenges that we feel are important to share with the community. We will detail common pitfalls, such as securing against potential side-channel vulnerabilities, where operations dependent on secret data require strict constant-time coding, and addressing the memory allocation and management complexities inherent in PQC’s polynomial and matrix operations. Our presentation will outline the strategies we have adopted, including branchless coding where feasible, rigorously zeroing memory to prevent leakage, avoiding signed integer overflow, and implementing dedicated constant-time validation tests.
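As an added illustration of the strategies listed above (branchless selection, unsigned arithmetic that cannot overflow, explicit zeroisation), here is example code written for this page; it is not GnuTLS or Nettle code, Q is the ML-KEM modulus from FIPS 203, and the helper names are assumptions:

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed example; Q is the ML-KEM modulus (FIPS 203). */
#define Q 3329u

/* Branchless conditional subtraction: a in [0, 2Q) -> a mod Q.
 * All arithmetic is unsigned, so no signed overflow (undefined in C) occurs. */
uint16_t ct_csubq(uint16_t a)
{
    uint32_t t = (uint32_t)a - Q;          /* wraps around if a < Q */
    uint32_t mask = 0u - (t >> 31);        /* 0xFFFFFFFF if a < Q, else 0 */
    return (uint16_t)(t + (mask & Q));     /* add Q back only when a < Q */
}

/* Reduce every coefficient of a polynomial without data-dependent branches. */
void poly_csubq(uint16_t *coeffs, size_t n)
{
    for (size_t i = 0; i < n; i++)
        coeffs[i] = ct_csubq(coeffs[i]);
}

/* Constant-time comparison: returns 0 if equal, 1 otherwise. Every byte is
 * always visited, so timing does not reveal where the first mismatch is. */
int ct_memneq(const uint8_t *a, const uint8_t *b, size_t len)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < len; i++)
        diff |= a[i] ^ b[i];
    return (int)((0u - (uint32_t)diff) >> 31);   /* 1 if any bit differs */
}

/* Branchless conditional copy: dst = src if flag == 1, unchanged if 0.
 * A KEM decapsulation uses this to pick between the real shared secret and
 * the implicit-rejection value without branching on the comparison result. */
void ct_cmov(uint8_t *dst, const uint8_t *src, size_t len, uint8_t flag)
{
    uint8_t mask = (uint8_t)(0u - flag);       /* 0xFF if flag, else 0x00 */
    for (size_t i = 0; i < len; i++)
        dst[i] ^= mask & (dst[i] ^ src[i]);
}

/* Zeroise secret material; the volatile access keeps the compiler from
 * removing the stores as dead writes to memory that is never read again. */
void secure_zero(void *p, size_t len)
{
    volatile uint8_t *vp = (volatile uint8_t *)p;
    while (len--)
        *vp++ = 0;
}
```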
NOTE: At some points this video blanks briefly to a white screen to obscure attendees with red lanyards who did not consent to being recorded.